Job title:

Information/Sr Information Security Consultant-GRC Practice

Required Experience:

3-11 years


As per industry

Emp type:

Full Time


Bangalore / Mumbai

Job Description

Job Title – Information/Sr Information Security Consultant-GRC Practice  

Exp- 3-11 Years 

Job Function – Managing GRC Projects

Job Location – Bengaluru & Mumbai (Should be willing to travel within and outside India)

Job Description

1) Conducting Information Security Governance, Risk & Compliance (GRC) consulting projects for customers across the globe using various standards such as PCI-DSS, ISO 27001, NIST CSF, COBIT, etc.

2) Defining the risk management methodology supported by a threat-vulnerability assessment in collaboration with key stakeholders within the organization

3) Defining, documenting, implementing and refining information security management frameworks within client organizations. The documentation may include information security strategy, IS policies, procedures, standards, SOPs, forms, templates, etc.

4) Conducting comprehensive risk assessments in close coordination with internal and external stakeholders

5) Assisting in the implementation/maintenance of information security policies and procedures in compliance with governance, legal, contractual or internal requirements

7) Conducting information security awareness programs with the objective of increasing the information security awareness of staff and management on the latest information security threats and vulnerabilities through innovative ideas and initiatives

8) Managing the assigned team, project management & delivery management

9) Training the internal team on GRC & Risk Assessment 

10) Meeting prospective customers in presales meetings and/or for specialized GRC and risk management consulting services



Required Skills & Expertise

1) 3-11 years of core experience in GRC consulting, including but not limited to the areas of Information Security Governance, Business Continuity Management, Risk Management, Information Security Incident Management, etc.

2) A Bachelor’s or Master’s degree in IT, ECE or Computer Sciences.

3) Should have conducted ISO 27001 gap assessments, PCI DSS gap assessments & other gap assessments against information security regulatory/statutory/compliance requirements 

4) Should have exposure to conducting banking Information Security audits

5) Should be able to work in a diverse team and should be able to adapt to various challenging customer environments

6) Should be results-oriented and able to deliver within preset deadlines. 

7) Should value quality and client satisfaction

8) Should possess very good communication skills (written/spoken English & presentation skills)

9) Should be well versed with at least ISO 27001 & PCI-DSS

10) Should have strong experience in conducting risk management and must have knowledge of various risk assessment methodologies 

11) Should have the capability to provide on-demand solutions pertaining to Governance & Risk management